CVE-2025-0649

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-0649
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-0649.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-0649
Downstream
Published
2025-05-06T21:16:17.880Z
Modified
2026-04-12T19:53:20.382636Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash.

References

Affected packages

Git / github.com/tensorflow/serving

Affected ranges

Type
GIT
Repo
https://github.com/tensorflow/serving
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5815bfdd1d1bbd9d0d3557576c98f13afc4d9016
Fixed
6cb013167d13f2ed3930aabb86dbc2c8c53f5adf
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.18.0"
        }
    ]
}

Affected versions

0.*
0.4.0
0.4.1
0.5.0
2.*
2.18.0
2.18.0-rc0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-0649.json"
vanir_signatures 
[
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "33313622061455834989193824769725938223",
                "170287574090103825485810930117398371980",
                "225279118625217240216539850637470460701",
                "29151260469246351567679484755115701544",
                "209082186909377360700755147059185523267"
            ]
        },
        "id": "CVE-2025-0649-6cc15a23",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/tensorflow/serving/commit/6cb013167d13f2ed3930aabb86dbc2c8c53f5adf",
        "target": {
            "file": "tensorflow_serving/util/json_tensor_test.cc"
        }
    },
    {
        "digest": {
            "length": 680.0,
            "function_hash": "322296174850325687516159224633680964763"
        },
        "id": "CVE-2025-0649-716c216f",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/tensorflow/serving/commit/6cb013167d13f2ed3930aabb86dbc2c8c53f5adf",
        "target": {
            "function": "ParseJson",
            "file": "tensorflow_serving/util/json_tensor.cc"
        }
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "114503701882281221747311828247390483085",
                "336540511580128078187935889454052123068",
                "292514187086136293085684902410954272796",
                "291139681700318251871305843196225071247",
                "133307271732502029172983826786739290516",
                "156566270977590589552580572110016899025",
                "255468276622946149515426544847369765607",
                "332401276573278464426861210418609722436",
                "59432167200414694748385215840341897069",
                "213889593477677561508600830915885674543",
                "215694316327476823023053281866632383899",
                "118258091143412154895036749537578722666",
                "196384817458723608730744866987650426502",
                "327670831350874316569512690530476533581",
                "99477031316042726745301346784810223210",
                "80521309152984029715595145514753791898",
                "150075072599923958895312534238690805464",
                "8574880841692931079913542834712400791",
                "320358407702305346316262832511672692117",
                "205493114959826669575223003287253841721",
                "226031831601194684984250742906265945489",
                "79854907568009761580495922785933538576",
                "42148039929952949273109154596136856680",
                "203118463111300904336504378789905987338",
                "171198116876964816631155789215812764418",
                "248332716326403251408726009787228155967",
                "280249969612775181598659541436588012168",
                "179238146529470344815316402616316834748",
                "328430075752856183798178969434259728189",
                "249394444635400529536027538278564715322",
                "225090231520018383992103295947419244549",
                "211072638066032961839855663316832511066",
                "208090802790959205289314106401938490189",
                "145849568952526388064477800206299137130",
                "254856429925843951434078537397322965566",
                "274939063172593885544382326335597353142",
                "288064230707038422300444368013880475602",
                "38884759855217901741052595173093962010",
                "270303948094598469056705514357094342135",
                "335669996888779506159885619933568325901",
                "54893145293745711289879434026187979040",
                "62199555561436711630887721488049314582",
                "107989430371487190098623005233625139897",
                "283504218108762149188865615630641498947",
                "50187170922624305443692180332458969571",
                "330174710343445819571358756319110172116",
                "250988661851482764894473217190582389957",
                "66765933511804570038085312900550423859",
                "166597075588357245086279070076936749988",
                "264941485326778133537810693889297591345",
                "174642195803844236044656766558516445171",
                "206561641805216626899431258557188430537",
                "38911406542726804611151308116001701828",
                "120110307775142110130306641646293420535",
                "239629086763367114683505491098286388891"
            ]
        },
        "id": "CVE-2025-0649-a3d42f86",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "source": "https://github.com/tensorflow/serving/commit/6cb013167d13f2ed3930aabb86dbc2c8c53f5adf",
        "target": {
            "file": "tensorflow_serving/util/json_tensor.cc"
        }
    },
    {
        "digest": {
            "length": 294.0,
            "function_hash": "309355315477105074540593591278846991138"
        },
        "id": "CVE-2025-0649-af486313",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "source": "https://github.com/tensorflow/serving/commit/6cb013167d13f2ed3930aabb86dbc2c8c53f5adf",
        "target": {
            "function": "JsonValueToString",
            "file": "tensorflow_serving/util/json_tensor.cc"
        }
    }
]
vanir_signatures_modified 
"2026-04-12T19:53:20Z"